elmo
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [SAFE]: Credential management is handled securely via the Membrane platform's connection system, preventing the need for local storage of sensitive API keys or tokens.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the official @membranehq/cli package from the NPM registry, which is the expected tool provided by the author for this integration.
- [COMMAND_EXECUTION]: User-initiated shell commands are used to interact with the ELMO Software API through the membrane CLI, which is consistent with the skill's documented HR management purpose.
- [DATA_EXFILTRATION]: Communication with the ELMO Software API is performed through a managed proxy that handles authentication headers, ensuring data is transmitted securely to the authorized service provider.
Audit Metadata